Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56045C5A383A11EEABD4D919C4F9AE02.roa
File: 56045C5A383A11EEABD4D919C4F9AE02.roa (raw, json)
Hash identifier: K2caBMCP7CU9taYElAYfvHaNAoptELQJcekUslmQnqY=
Subject key identifier: 8C:B5:8C:53:5F:FA:43:0D:22:55:42:04:4B:56:3D:C2:0C:B0:A3:30
Certificate issuer: /CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Certificate serial: 888A
Authority key identifier: 29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56045C5A383A11EEABD4D919C4F9AE02.roa
Signing time: Thu 30 May 2024 15:54:59 +0000
ROA not before: Thu 30 May 2024 15:54:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 132925
IP address blocks: 43.249.188.0/24 maxlen: 24
43.249.189.0/24 maxlen: 24
103.135.120.0/23 maxlen: 24
103.161.12.0/23 maxlen: 24
103.169.80.0/23 maxlen: 24
103.171.56.0/23 maxlen: 24
103.172.6.0/23 maxlen: 24
103.172.12.0/23 maxlen: 24
103.172.198.0/23 maxlen: 24
103.172.224.0/23 maxlen: 24
103.172.228.0/24 maxlen: 24
103.172.229.0/24 maxlen: 24
103.173.18.0/23 maxlen: 24
103.173.48.0/23 maxlen: 24
103.173.68.0/23 maxlen: 24
103.233.26.0/24 maxlen: 24
103.233.27.0/24 maxlen: 24
103.236.108.0/24 maxlen: 24
103.236.109.0/24 maxlen: 24
103.236.110.0/24 maxlen: 24
103.236.111.0/24 maxlen: 24
150.129.1.0/24 maxlen: 24
210.16.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 29 Nov 2024 06:14:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34954 (0x888a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918EDB2/serialNumber=296EDB64F3AF6E9D980932E816F95983E3ABC823
Validity
Not Before: May 30 15:54:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6658a152-ff59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:a1:62:da:e3:ac:4b:92:8e:ff:69:4a:c3:8b:
a6:10:d0:1b:53:1a:fc:ef:ed:0d:96:49:3d:45:1d:
b8:64:1f:dd:7b:c2:75:38:b7:5c:9b:fa:03:e9:07:
61:ed:55:7f:ec:ed:e5:f1:5d:07:7d:70:d2:cd:fc:
f2:cb:65:74:d4:f7:9c:33:62:dc:ac:0d:2e:57:68:
c2:03:24:02:72:57:5a:d7:78:a9:68:57:42:2f:68:
d4:40:c3:bc:00:eb:76:d0:8b:f7:c7:3e:02:6e:08:
c3:4d:26:9d:ee:99:c4:e5:75:03:81:9e:dd:98:d3:
46:9e:0f:0a:ea:15:57:dd:37:96:c3:75:18:76:dd:
88:85:eb:a5:4c:f3:9a:29:7e:1e:07:e1:4e:7d:0c:
5b:51:1e:5a:1a:e4:fe:5a:cf:73:9d:9c:31:46:80:
57:f0:c1:f1:85:09:ec:2d:2a:55:73:5b:44:61:37:
9f:43:23:9f:96:a7:24:56:41:a0:2b:72:df:79:6e:
2b:41:13:76:38:9b:7a:05:d9:09:4a:a7:08:f6:a5:
04:67:ae:b5:da:b2:1c:82:b6:b8:fb:21:be:e1:02:
51:ec:98:fe:42:01:63:a8:b8:a3:59:ee:bb:fc:98:
f1:37:3d:db:4f:51:ae:9b:f5:9a:9b:73:5c:73:7c:
57:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:B5:8C:53:5F:FA:43:0D:22:55:42:04:4B:56:3D:C2:0C:B0:A3:30
X509v3 Authority Key Identifier:
keyid:29:6E:DB:64:F3:AF:6E:9D:98:09:32:E8:16:F9:59:83:E3:AB:C8:23
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/KW7bZPOvbp2YCTLoFvlZg-OryCM.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KW7bZPOvbp2YCTLoFvlZg-OryCM.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EDB2/2A43E30C70E911E2B36D4B6B2979BB20/56045C5A383A11EEABD4D919C4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
43.249.188.0/23
103.135.120.0/23
103.161.12.0/23
103.169.80.0/23
103.171.56.0/23
103.172.6.0/23
103.172.12.0/23
103.172.198.0/23
103.172.224.0/23
103.172.228.0/23
103.173.18.0/23
103.173.48.0/23
103.173.68.0/23
103.233.26.0/23
103.236.108.0/22
150.129.1.0/24
210.16.101.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:82:89:3e:15:e8:4f:d6:e4:fa:07:42:eb:95:0d:79:c5:e1:
2c:19:3e:68:7a:b2:b9:d2:1d:08:86:28:1b:e8:b5:35:e5:42:
57:e7:18:f7:17:91:9b:9d:fa:4d:63:51:f4:ec:b9:b3:6c:66:
1d:e5:c3:21:df:96:93:19:69:ac:cf:9e:6e:88:a1:c4:b4:e1:
17:12:c6:3b:fb:0f:84:c6:7e:e6:13:45:b6:e8:50:fe:1e:c5:
3e:18:61:12:c1:35:6f:c1:b5:12:6c:f0:6b:9e:8e:d9:45:57:
44:2b:4e:dd:b7:2b:8c:c8:1c:1b:e0:ef:c0:95:35:2c:aa:5d:
09:c8:21:9e:be:b4:96:01:05:1b:bf:87:d4:c9:8f:d1:57:ec:
71:ab:89:7b:28:46:f2:1e:2f:ec:06:5c:5b:e4:5c:a3:cb:cc:
9e:5b:58:24:03:9c:9f:d4:3a:7c:c2:6b:e9:cb:72:96:34:32:
1e:0c:c9:d2:fd:ad:e3:41:69:77:8b:f0:af:4a:63:0f:95:e3:
ba:94:58:8a:fb:56:dc:a9:ad:b1:07:f3:4e:37:79:e2:bf:a4:
8a:f5:d5:a5:83:f0:88:0a:05:c2:36:be:e3:36:8c:ce:d0:e1:
88:23:49:03:6d:29:44:df:04:cc:1a:10:d0:b2:4e:89:bf:4a:
3a:3c:9f:4f
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgIDAIiKMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MThFREIyMTEwLwYDVQQFEygyOTZFREI2NEYzQUY2RTlEOTgwOTMyRTgxNkY5NTk4
M0UzQUJDODIzMB4XDTI0MDUzMDE1NTQ1OVoXDTI1MDcwMTAwMDAwMFowGDEWMBQG
A1UEAxMNNjY1OGExNTItZmY1OTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJmhYtrjrEuSjv9pSsOLphDQG1Ma/O/tDZZJPUUduGQf3XvCdTi3XJv6A+kH
Ye1Vf+zt5fFdB31w0s388stldNT3nDNi3KwNLldowgMkAnJXWtd4qWhXQi9o1EDD
vADrdtCL98c+Am4Iw00mne6ZxOV1A4Ge3ZjTRp4PCuoVV903lsN1GHbdiIXrpUzz
mil+HgfhTn0MW1EeWhrk/lrPc52cMUaAV/DB8YUJ7C0qVXNbRGE3n0Mjn5anJFZB
oCty33luK0ETdjibegXZCUqnCPalBGeutdqyHIK2uPshvuECUeyY/kIBY6i4o1nu
u/yY8Tc9209Rrpv1mptzXHN8V7sCAwEAAaOCAvUwggLxMB0GA1UdDgQWBBSMtYxT
X/pDDSJVQgRLVj3CDLCjMDAfBgNVHSMEGDAWgBQpbttk869unZgJMugW+VmD46vI
IzAOBgNVHQ8BAf8EBAMCB4AwgYMGA1UdHwR8MHoweKB2oHSGcnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkxOEVEQjIvMkE0M0UzMEM3
MEU5MTFFMkIzNkQ0QjZCMjk3OUJCMjAvS1c3YlpQT3ZicDJZQ1RMb0Z2bFpnLU9y
eUNNLmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBr
aS5hcG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3
MkZEMUZGMi9LVzdiWlBPdmJwMllDVExvRnZsWmctT3J5Q00uY2VyMEoGA1UdIAEB
/wRAMD4wPAYIKwYBBQUHDgIwMDAuBggrBgEFBQcCARYiaHR0cHM6Ly93d3cuYXBu
aWMubmV0L1JQS0kvQ1BTLnBkZjCBywYIKwYBBQUHAQsEgb4wgbswgYMGCCsGAQUF
BzALhndyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MThFREIyLzJBNDNFMzBDNzBFOTExRTJCMzZENEI2QjI5NzlCQjIwLzU2MDQ1QzVB
MzgzQTExRUVBQkQ0RDkxOUM0RjlBRTAyLnJvYTAzBggrBgEFBQcwDYYnaHR0cHM6
Ly9ycmRwLmFwbmljLm5ldC9ub3RpZmljYXRpb24ueG1sMH8GCCsGAQUFBwEHAQH/
BHAwbjBsBAIAATBmAwQBK/m8AwQBZ4d4AwQBZ6EMAwQBZ6lQAwQBZ6s4AwQBZ6wG
AwQBZ6wMAwQBZ6zGAwQBZ6zgAwQBZ6zkAwQBZ60SAwQBZ60wAwQBZ61EAwQBZ+ka
AwQCZ+xsAwQAloEBAwQA0hBlMA0GCSqGSIb3DQEBCwUAA4IBAQC5gok+FehP1uT6
B0LrlQ15xeEsGT5oerK50h0Ihigb6LU15UJX5xj3F5GbnfpNY1H07LmzbGYd5cMh
35aTGWmsz55uiKHEtOEXEsY7+w+Exn7mE0W26FD+HsU+GGESwTVvwbUSbPBrno7Z
RVdEK07dtyuMyBwb4O/AlTUsql0JyCGevrSWAQUbv4fUyY/RV+xxq4l7KEbyHi/s
Blxb5Fyjy8yeW1gkA5yf1Dp8wmvpy3KWNDIeDMnS/a3jQWl3i/CvSmMPleO6lFiK
+1bcqa2xB/NON3niv6SK9dWlg/CICgXCNr7jNozO0OGII0kDbSlE3wTMGhDQsk6J
v0o6PJ9P
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:17:38 2024 by rpki-client on console-fra.rpki-client.org